Question

I am developing a file monitor to monitor file access of any exe. I monitor that exe for any file it opens/closes, reads/writes and collect the stats.

I am a total newcomer to ETW (from my research, it does not look like there is any other way to do this).

While I have been able to get some C++ code going, my client would prefer a C# solution. Is there enough support in C# to monitor file IO?

The samples in MSDN are C++/C specific. I read Vance Morrison's blogs, but it's beyond me at the moment and they don't seem to suit "NT kernel logging sessions / monitor file IO" scenarios.

Can anyone give me a simple sample or point me to a useful link? Any input is welcome on this.

Solution

In Windows, ultimately any file access is granted by the underlying WinAPI. See CreateFile and family. These functions are hookable by Microsoft Detours (though it is intended for instrumentation purposes). There are also a handful of other libraries for this sort of purpose, e.g. EasyHook.

OTHER TIPS

Take a look at the FileSystemWatcher class.
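
The sketch below shows how the FileSystemWatcher class mentioned above can collect per-file statistics. It is an added example, not code from the original posts; the `FileStats` name and the directory argument are assumptions. FileSystemWatcher raises change notifications for a directory, and its event arguments carry a path and a change type but no process identifier, so the counts cover every process writing under that directory, and opens and reads raise no event.

```csharp
using System;
using System.Collections.Concurrent;
using System.IO;

// Added example: counts change notifications per file under one directory.
// FileStats and the directory argument are assumptions for illustration.
static class FileStats
{
    // path -> (change type -> count); handlers run on thread-pool threads.
    static readonly ConcurrentDictionary<string, ConcurrentDictionary<WatcherChangeTypes, int>> Counts =
        new ConcurrentDictionary<string, ConcurrentDictionary<WatcherChangeTypes, int>>(
            StringComparer.OrdinalIgnoreCase);

    static void Record(string path, WatcherChangeTypes type)
    {
        var perFile = Counts.GetOrAdd(path, _ => new ConcurrentDictionary<WatcherChangeTypes, int>());
        perFile.AddOrUpdate(type, 1, (_, n) => n + 1);
    }

    static void Main(string[] args)
    {
        string dir = args.Length > 0 ? args[0] : Directory.GetCurrentDirectory();

        using (var watcher = new FileSystemWatcher(dir))
        {
            watcher.IncludeSubdirectories = true;
            watcher.NotifyFilter = NotifyFilters.FileName | NotifyFilters.LastWrite | NotifyFilters.Size;
            watcher.InternalBufferSize = 64 * 1024; // fewer dropped notifications during bursts

            watcher.Created += (s, e) => Record(e.FullPath, e.ChangeType);
            watcher.Changed += (s, e) => Record(e.FullPath, e.ChangeType);
            watcher.Deleted += (s, e) => Record(e.FullPath, e.ChangeType);
            watcher.Renamed += (s, e) => Record(e.FullPath, e.ChangeType);
            // A buffer overflow means events were lost; the counts are then a lower bound.
            watcher.Error += (s, e) =>
                Console.Error.WriteLine("watcher error: " + e.GetException().Message);

            watcher.EnableRaisingEvents = true;
            Console.WriteLine("Watching " + dir + " - press Enter to print stats and exit.");
            Console.ReadLine();
        }

        foreach (var file in Counts)
            foreach (var kv in file.Value)
                Console.WriteLine(file.Key + "\t" + kv.Key + "\t" + kv.Value);
    }
}
```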

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow